Beta

Source: OJ L, 2024/1772, 25.6.2024

EN

Article 5 Data losses

For the purpose of determining the data losses that the incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; entails as referred to in Article 18(1), point (d), of Regulation (EU) 2022/2554, financial entitiesas defined in Article 2, points (a) to (t) shall take into account the following:

  1. in relation to the availability of data, whether the incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; has rendered the data on demand by the financial entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;, its clients or its counterparts temporarily or permanently inaccessible or unusable;

  2. in relation to the authenticity of data, whether the incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; has compromised the trustworthiness of the source of data;

  3. in relation to the integrity of data, whether the incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; has resulted in non-authorised modification of data that has rendered it inaccurate or incomplete;

  4. in relation to the confidentiality of data, whether the incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; has resulted in data having been accessed by or disclosed to an unauthorised party or system.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod